Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/hbpK8gLd9QpFA-7LAcaZ0fE7Pqc.roa
File: hbpK8gLd9QpFA-7LAcaZ0fE7Pqc.roa (raw, json)
Hash identifier: elYcxeg102edyH/jFVHsEpdgGPeCdQ+/Z7P+h8KsS5Q=
Subject key identifier: 85:BA:4A:F2:02:DD:F5:0A:45:03:EE:CB:01:C6:99:D1:F1:3B:3E:A7
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 018705E06FF2EADD8C063702EA999309D6D6
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/hbpK8gLd9QpFA-7LAcaZ0fE7Pqc.roa
Signing time: Tue 21 Mar 2023 20:33:27 +0000
ROA not before: Tue 21 Mar 2023 20:33:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 5.104.74.0/24 maxlen: 24
5.104.72.0/24 maxlen: 24
5.104.75.0/24 maxlen: 24
194.124.41.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:05:e0:6f:f2:ea:dd:8c:06:37:02:ea:99:93:09:d6:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 21 20:33:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85ba4af202ddf50a4503eecb01c699d1f13b3ea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0a:67:f4:5b:a3:67:35:a5:2f:e1:8c:6a:12:
7d:6d:cb:b9:9f:8e:95:18:b6:27:a7:72:a5:21:ae:
b4:40:fc:90:e6:b1:f4:98:61:a4:9e:07:c7:d4:58:
20:b8:76:1b:44:57:81:2e:62:66:59:c8:15:a6:3e:
ab:37:8e:ae:5b:4a:df:b5:3d:55:85:94:ab:6b:03:
45:b8:6c:b9:ec:71:8a:b0:37:85:b5:0b:ca:59:b9:
81:0e:ad:52:00:34:94:c0:74:e7:b2:93:aa:7e:41:
8d:48:68:a1:64:f5:8a:63:46:bb:dd:95:02:2a:75:
d9:41:c1:a3:b8:de:06:33:dc:6b:6c:87:2f:65:a0:
53:3f:63:06:bb:c3:b0:8d:ac:96:e4:15:aa:42:02:
ac:88:2c:bf:17:61:78:dc:e0:25:cc:82:67:ac:b1:
64:e3:5f:e3:4d:e7:4d:af:68:86:ad:21:38:7b:61:
47:25:4b:25:d6:26:74:58:91:bd:35:40:ec:78:2f:
14:da:aa:c3:bc:95:d1:dd:1c:5b:26:0e:5b:4c:4e:
b3:93:bc:5e:ae:62:83:09:27:45:ad:64:49:2e:7f:
17:e4:b9:56:96:3a:bf:89:e5:76:c4:3f:79:76:42:
48:d8:1a:43:eb:1e:03:29:38:ab:31:0b:0b:a8:b4:
77:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:BA:4A:F2:02:DD:F5:0A:45:03:EE:CB:01:C6:99:D1:F1:3B:3E:A7
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/hbpK8gLd9QpFA-7LAcaZ0fE7Pqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.74.0/23
91.245.239.0/24
95.214.92.0/23
95.214.95.0/24
194.124.41.0/24
Signature Algorithm: sha256WithRSAEncryption
95:73:54:3f:d0:f9:ba:96:dd:e7:08:b9:fc:72:e6:77:be:9b:
cf:a3:3b:fb:eb:d4:a4:5c:37:b8:a6:81:97:ae:a8:41:9b:c2:
98:45:67:f5:27:98:8f:ca:03:8b:a9:b6:34:16:2e:02:0c:aa:
87:ed:e5:ba:a0:09:38:c3:3e:f1:51:05:f0:fe:0e:5b:1d:1b:
31:51:4f:55:70:b7:63:6e:89:05:14:47:a0:c8:d0:e2:b3:9b:
92:a2:fb:c0:b8:77:74:82:61:08:98:a6:6d:64:96:2a:0c:30:
ec:c7:22:0c:78:e8:ab:02:fa:cf:1a:12:f1:d0:84:e3:e7:fa:
6e:45:bb:7b:7f:55:8b:04:89:c7:94:fe:49:7a:8e:12:72:25:
1b:e3:dc:a3:de:db:d9:e8:fa:fb:a3:6a:5b:c2:41:0b:6f:16:
93:f3:1e:48:34:75:fc:08:4e:1a:33:ae:73:15:b5:73:6a:da:
9e:a9:f1:83:3d:92:76:2b:f3:d0:3f:d3:97:43:68:7d:98:a8:
5e:f3:62:ba:5d:ec:3e:90:53:ac:e2:0e:5c:45:7b:3e:d6:5f:
c8:c3:00:03:04:7b:7d:18:b0:0a:87:2d:e2:ad:35:03:1c:c9:
cd:0e:e8:06:b2:da:b1:af:99:80:86:d1:4f:ae:be:0a:b1:18:
2d:25:c2:af
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYcF4G/y6t2MBjcC6pmTCdbWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzIxMjAzMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWJhNGFmMjAyZGRmNTBhNDUwM2VlY2IwMWM2OTlkMWYxM2IzZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugpn9FujZzWlL+GMahJ9bcu5n46V
GLYnp3KlIa60QPyQ5rH0mGGkngfH1FgguHYbRFeBLmJmWcgVpj6rN46uW0rftT1V
hZSrawNFuGy57HGKsDeFtQvKWbmBDq1SADSUwHTnspOqfkGNSGihZPWKY0a73ZUC
KnXZQcGjuN4GM9xrbIcvZaBTP2MGu8OwjayW5BWqQgKsiCy/F2F43OAlzIJnrLFk
41/jTedNr2iGrSE4e2FHJUsl1iZ0WJG9NUDseC8U2qrDvJXR3RxbJg5bTE6zk7xe
rmKDCSdFrWRJLn8X5LlWljq/ieV2xD95dkJI2BpD6x4DKTirMQsLqLR3BwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIW6SvIC3fUKRQPuywHGmdHxOz6nMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvaGJwSzhnTGQ5UXBGQS03TEFjYVowZkU3UHFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABWhIAwQB
BWhKAwQAW/XvAwQBX9ZcAwQAX9ZfAwQAwnwpMA0GCSqGSIb3DQEBCwUAA4IBAQCV
c1Q/0Pm6lt3nCLn8cuZ3vpvPozv769SkXDe4poGXrqhBm8KYRWf1J5iPygOLqbY0
Fi4CDKqH7eW6oAk4wz7xUQXw/g5bHRsxUU9VcLdjbokFFEegyNDis5uSovvAuHd0
gmEImKZtZJYqDDDsxyIMeOirAvrPGhLx0ITj5/puRbt7f1WLBInHlP5Jeo4SciUb
49yj3tvZ6Pr7o2pbwkELbxaT8x5INHX8CE4aM65zFbVzatqeqfGDPZJ2K/PQP9OX
Q2h9mKhe82K6Xew+kFOs4g5cRXs+1l/IwwADBHt9GLAKhy3irTUDHMnNDugGstqx
r5mAhtFPrr4KsRgtJcKv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:40 2023 by rpki-client on console-fra.rpki-client.org